CN103297223A - Self-recovery fault-tolerant AES structure based on reconfigurable dynamic state and encryption method thereof - Google Patents


Publication number
CN103297223A
Authority
CN
China
Prior art keywords
input
data
reconfigurable
selector
output
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013101637915A
Other languages
Chinese (zh)
Other versions
CN103297223B (en)
Inventor
李洪革
沈慧
曹魏栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beihang University filed Critical Beihang University
Priority to CN201310163791.5A priority Critical patent/CN103297223B/en
Publication of CN103297223A publication Critical patent/CN103297223A/en
Application granted granted Critical
Publication of CN103297223B publication Critical patent/CN103297223B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical


Abstract

The invention provides a self-recovering fault-tolerant AES structure based on dynamic reconfiguration, and an encryption method for that structure, and belongs to the technical field of information security. The structure has a clock module, a control module, a reconfigurable array module, a key expansion module and an input/output interface module. The reconfigurable array module is an M*N array of reconfigurable processing units connected by M*N interconnection switches arranged as a 2D-TORUS network. In the encryption method, each of the first K-1 rounds performs, in order, an exclusive-or operation, byte substitution (SubBytes), row shift (ShiftRows) and column mix (MixColumns); the last round omits the column mix; and a final exclusive-or operation is then performed. The computational functions are subdivided into independent reconfigurable operation units and identical units are added as the redundant part, so that a reconfigurable, self-recovering, fault-tolerant AES structure is formed and the AES algorithm gains a self-recovery function.

Description

Self-recovering fault-tolerant AES structure based on dynamic reconfiguration, and encryption method thereof
Technical field
The invention belongs to the technical field of information security, and specifically relates to a self-recovering fault-tolerant AES structure based on dynamic reconfiguration and an encryption method thereof.
Background
To improve chip reliability and security, fault-tolerant techniques are usually applied to the design of the whole system. Redundant resources are used so that, when the structure fails, the faulty region is bypassed and the system function is still carried out; part of the redundant resources is sacrificed in exchange for higher reliability. Dynamically reconfigurable array networks, as a new technique, have shown distinctive value in masking bad spots on a chip, in dynamic interaction among multi-core processors, in fault tolerance of multi-core chips, and in improving chip yield. A flexible reconfigurable system and the interaction of its data connections both considerably improve system reliability.
In view of the structural characteristics of the AES (Advanced Encryption Standard) encryption system, the idea of dynamic reconfiguration is adopted: the computational functions are subdivided into independent reconfigurable arithmetic units, identical units are added as the redundant part, and interconnection switches join them into a two-dimensional TORUS network, forming a reconfigurable system structure. The system uses a certain amount of redundant resources to give AES a self-repair function: when it is affected by the space environment and part of the chip resources fail, system function is recovered through dynamic reconfiguration, so that data encryption is still guaranteed. A dynamically reconfigurable AES encryption system is more complex to design and needs suitable self-test and system reconfiguration algorithms, which mask damaged units in a targeted way and achieve self-repair. It makes redundancy in the system more flexible and, compared with the traditional triple modular redundancy structure, offers higher reliability and security.
Reconfigurable arrays are usually applied to the hardware redundancy design of very-large-scale integration (VLSI) and wafer-scale integration (WSI) circuits. As the integration density of large-scale integrated circuits rises, chip complexity and area increase, which in turn increases the number of defects and lowers yield. When VLSI and WSI-level circuits are designed, fault-tolerant techniques are used to improve reliability and chip yield, so that the circuit has fault-tolerance capability. Early foreign works on fault-tolerant digital systems already contain the basic concept of reconfigurability and many classic designs.
Domestically, before 1990, the virgin diligent justice of Liao state peace published a series of articles introducing VLSI fault-tolerant techniques, including papers on fault-tolerant techniques and structural design in wafer-scale integration, a fault-tolerant modular approach for array-structured matrix multipliers, fault-tolerant design of VLSI for real-time signal processing, fault-tolerant design of VLSI two-dimensional arrays, and reliability analysis models of fault-tolerant VLSI and their application. In 1999, Zhao Tian thread, Hao Yue and others, in a paper studying the design of VLSI fault-tolerant architectures and their reliability models, summarized tree-shaped redundancy structures. The most recent research is fault-tolerant design based on bionic arrays.
In 1990, Wang Lei of the Department of Computer Science of Tianjin University published "Fault-tolerant multiprocessor network system structure", which proposed that research on distributed/multicomputer systems should pay attention to reliability and fault-tolerant multiprocessor networks, so that system flexibility is improved along with wafer yield.
Existing reconfigurable AES designs mainly add structural functions, such as supporting multiple lengths, supporting switching between the AES and SMS4 cipher algorithms, and multiplexing part of the encryption and decryption circuits to save resources.
Summary of the invention
In view of the structural characteristics of the AES encryption system, and to overcome the poor flexibility and low reliability and security of the traditional triple modular redundancy configuration, the present invention adopts the idea of dynamic reconfiguration and proposes a self-recovering fault-tolerant AES structure based on dynamic reconfiguration and an encryption method thereof.
The invention provides a self-recovering fault-tolerant AES structure based on dynamic reconfiguration, comprising: a clock module, a control module, a reconfigurable array module, a key expansion module and an input/output interface module.
The clock module receives the externally supplied clock and outputs the clock signal that the AES structure needs to the control module, driving the circuit. The input/output interface module feeds the data to be encrypted into the reconfigurable array module and the data serving as the key into the key expansion module. The key expansion module performs key expansion on the data it receives and transfers the result to the reconfigurable array module. The control module generates self-test data, receives error-judgment signals, runs the control flow of the AES encryption operation, sends control signals to the reconfigurable array module, the key expansion module and the input/output interface module, and receives the working feedback signals of those three modules. The reconfigurable array module performs the AES encryption operation on the data coming from the input/output interface module, using the key supplied by the key expansion module, and the resulting ciphertext is output through the input/output interface module.
The reconfigurable array module comprises reconfigurable processing units arranged in M rows × N columns and interconnection switches arranged in M rows × N columns. The M × N interconnection switches form a 2D-TORUS network; the reconfigurable processing units of each column are connected to the adjacent interconnection switches, and the reconfigurable processing units of adjacent rows are connected directly through the interconnection switches.
Based on the self-recovering fault-tolerant AES structure described above, the invention provides an AES encryption method with the following steps:
Step 1: in the first round, the first selector of each reconfigurable processing unit selects the plaintext data and feeds it to the first XOR unit;
Step 2: perform the round operations; each round performs, in order, XOR, byte substitution (SubBytes), row shift (ShiftRows) and column mix (MixColumns). Specifically:
Step 2.1: in the first XOR unit, the reconfigurable processing unit XORs the input expanded key with the data selected by the first selector; from the second round onward, the first selector selects the data output by the column-mix unit;
Step 2.2: the XORed data is fed to the byte substitution unit, which performs the byte substitution;
Step 2.3: perform the row shift: the byte-substituted data is output through the second selector to shift the data left, through the third selector for no shift, or through the fourth selector to shift right;
Step 2.4: determine whether the current round is the last round. If so, go to step 3; if not, feed the row-shifted data to the column-mix units of the reconfigurable processing units in the same column, perform the column mix, and return to step 2.1;
Step 3: feed the row-shifted data to the second XOR unit and XOR it with the input expanded key to obtain the encrypted data, then restore the encrypted data to its original order and output it.
The advantages and positive effects of the self-recovering fault-tolerant AES structure and its encryption method are as follows. They can be used in AES encryption hardware operating in special environments: after some functional units of the device are damaged and fail, redundant functional units are configured dynamically and the correct AES encryption function is reconstructed, giving a fault-tolerant, self-healing effect. Even when an encryption chip working under special conditions suffers soft or hard errors caused by, for example, high radiation, violent temperature changes or bit flips, it can still use reconfiguration to reconfigure the faulty unit or failed module autonomously, with no person present, complete its own repair and keep the chip running normally, which greatly improves the reliability and availability of the system.
Description of the drawings
Fig. 1 is a module diagram of the self-recovering fault-tolerant AES structure of the invention;
Fig. 2 is a structural diagram of the reconfigurable array module of the embodiment of the invention;
Fig. 3a is a flow chart of the existing, original AES algorithm;
Fig. 3b is a flow chart of the AES algorithm as improved by the invention;
Fig. 4 is a structural diagram of the reconfigurable processing unit of the invention;
Fig. 5 is a diagram of the data that the input/output interface module feeds into the reconfigurable array module;
Fig. 6a is a diagram of the 4 kinds of row shift;
Fig. 6b is a diagram of how the invention implements the row shift;
Fig. 7 is a structural diagram of how the invention implements the column mix;
Fig. 8a is a diagram of the array numbering in the embodiment of the invention;
Fig. 8b is a diagram of damaged and selected reconfigurable processing units in the embodiment of the invention.
Embodiments
The invention is described in further detail below with reference to the drawings and embodiments.
The self-recovering fault-tolerant AES structure and encryption method of the invention use more finely divided modules joined by a reconfigurable network, which gives the structure its reconfiguration capability. Because redundant module units are provided, the remaining module units can be used to form the AES encryption system, so that the structure withstands a certain degree of system failure and repairs itself.
As shown in Fig. 1, the self-recovering fault-tolerant AES structure based on dynamic reconfiguration comprises: clock module 1, control module 2, reconfigurable array module 3, key expansion module 4 and input/output interface module 5. The AES structure has 3 external interfaces: one clock input, one data input and one data output.
Clock module 1 multiplies the frequency of the clock input CLK produced by an external 50 MHz crystal oscillator to obtain a clock signal of the frequency the AES structure needs internally. Clock module 1 feeds the generated clock signal to control module 2, which passes it on to the remaining modules to drive the circuit. External data enters the AES structure through input/output interface module 5, which feeds the data to be encrypted into reconfigurable array module 3 and the data serving as the key into key expansion module 4. Key expansion module 4 performs key expansion on the data (the key) received from input/output interface module 5 and transfers the expanded result to reconfigurable array module 3. Reconfigurable array module 3 receives the control signals of control module 2, performs the AES encryption operation on the data coming from input/output interface module 5 using the key supplied by key expansion module 4, and outputs the resulting ciphertext through input/output interface module 5. When the encrypted data is output, the key used to AES-encrypt it is also output by key expansion module 4 through input/output interface module 5. Key expansion module 4 uses the most basic key length of 128 bits; structurally this does not prevent later extension to key lengths of 192 and 256 bits. Control module 2 is responsible for generating self-test data, receiving error-judgment signals, running the control flow of the AES encryption operation, controlling routing in reconfigurable array module 3, sending control signals to reconfigurable array module 3, key expansion module 4 and input/output interface module 5, and receiving the working feedback signals of those three modules.
The reconfigurable array module comprises reconfigurable processing units arranged in M rows × N columns and interconnection switches arranged in M rows × N columns. The M × N interconnection switches form a 2D-TORUS network; the reconfigurable processing units of each column are connected to the adjacent interconnection switches, and the reconfigurable processing units of adjacent rows are connected directly through the interconnection switches. M is an integer greater than 4 and N is an integer greater than or equal to 4. Each reconfigurable processing unit in the reconfigurable array module receives 8 bits of data at a time.
As shown in Fig. 2, reconfigurable array module 3 of the embodiment uses an array of reconfigurable processing units with four columns and six rows, that is, M is 6 and N is 4. The reconfigurable array module 3 in Fig. 2 contains 6 rows × 4 columns of reconfigurable processing units and 6 rows × 4 columns of interconnection switches. The 6 × 4 interconnection switches form a 2D-TORUS array; the reconfigurable processing units of each column are connected directly to the adjacent interconnection switches, and the reconfigurable processing units of vertically adjacent rows are connected directly through the interconnection switches. The interconnection switches of the first column and the reconfigurable processing units of the last column are regarded as adjacent, and the reconfigurable processing units of the first row and those of the last row are regarded as adjacent. Key expansion module 4 outputs the key signal key to reconfigurable array module 3, and control module 2 outputs the control signal control to reconfigurable array module 3. Reconfigurable array module 3 receives the plaintext data State_in sent by input/output interface module 5, encrypts it to produce the ciphertext data State_out, and outputs State_out to input/output interface module 5.
Fig. 3a shows the flow of the existing AES algorithm. After the state input signal (the plaintext data) is input, it is processed as follows: first one XOR is performed; then K-1 rounds are performed, each consisting of byte substitution (SubBytes), then row shift (ShiftRows), then column mix (MixColumns), and finally XOR; after these K-1 rounds, the result goes through the last round, which differs slightly from the preceding K-1 rounds in that it omits the column mix.
Fig. 3b shows the improved AES flow used by the self-recovering fault-tolerant AES structure of the invention. After the state input signal is input, it is processed as follows: first K-1 rounds are performed, each consisting, in order, of XOR, byte substitution, row shift and column mix; then the last round, the K-th, performs XOR, byte substitution and row shift in order and omits the column mix; finally one more XOR is performed.
As to how each part of the AES algorithm is computed: byte substitution and XOR are implemented as in existing AES hardware, but the column mix needs a modification on its inputs so that it can select among the column-mix outputs of all 6 reconfigurable processing units in a column. The row shift is implemented by connecting the paths between the reconfigurable processing units and the adjacent interconnection switches, which shifts data in the row direction. The improved AES flow of the invention suits the design approach of reconfigurable array module 3 better. After the row shift of the last round no column mix is performed, but one more XOR is. If that XOR were placed inside the K-th round, a separate circuit would have to be provided at the column mix, making the design more complex. In the improved flow the XOR of every round is placed first, so an output path can simply be added before the column mix for the last round and one separate XOR performed, which keeps the design simple.
Corresponding to the improved AES flow of the invention, the minimal unit structure of the reconfigurable processing unit is shown in Fig. 4; its inputs are listed in Table 1.
Table 1. Inputs of the reconfigurable processing unit (table image not reproduced)
In Fig. 4, REG denotes a register, MIX COLUMN the column-mix unit, MUX a selector, SBOX the byte substitution unit, and XOR an XOR unit. XOR1 denotes the first XOR unit and XOR2 the second XOR unit. MUX1 denotes the first selector, MUX2 the second selector, MUX3 the third selector and MUX4 the fourth selector. Each reconfigurable processing unit handles 8 bits of data to be encrypted (plaintext data).
As shown in Fig. 4, the reconfigurable processing unit comprises five input ports, four output ports, one column-mix unit, four selectors, two XOR units and one byte substitution unit.
The first input port STATE_IN is the plaintext input port and feeds the plaintext data to the first selector MUX1. The second input port KEY_IN is the key input port and feeds the key to the two XOR units XOR1 and XOR2. The third input port LEFT_IN is the left switch input port; it is connected to the interconnection switch adjacent to the left of the reconfigurable processing unit, and the data it receives goes to the third selector MUX3 and the fourth selector MUX4. The fourth input port RIGHT_IN is the right switch input port; it is connected to the interconnection switch adjacent to the right of the reconfigurable processing unit, and the data it receives goes to the second selector MUX2 and the third selector MUX3. The fifth input port MIX_IN is the column-mix input port; it is connected to the column-mix output ports of the M reconfigurable processing units in the same column, and the data it receives goes to the column-mix unit MIX COLUMN. The column-mix unit MIX COLUMN feeds its result to the first selector MUX1. The output of MUX1 is connected to the first XOR unit XOR1, which XORs the key data from the second input port with the data from MUX1 and passes the result to the byte substitution unit SBOX. The data processed by SBOX goes to the second selector MUX2, the third selector MUX3 and the fourth selector MUX4. The output of MUX2 is connected to the second output port LEFT_OUT, the left switch output port, which is connected to the interconnection switch adjacent to the left of the reconfigurable processing unit. The output of MUX3 is connected to the fourth output port MIX_OUT and to the second XOR unit XOR2. The fourth output port MIX_OUT is the column-mix output port. The second XOR unit XORs the data output by the third selector with the key data from the second input port and outputs the encrypted data to the first output port STATE_OUT. The output of MUX4 is connected to the third output port RIGHT_OUT, the right switch output port, which is connected to the interconnection switch adjacent to the right of the reconfigurable processing unit.
To work with reconfigurable array module 3, data passes between input/output interface module 5 and the whole reconfigurable array module 3 as shown in Fig. 5. In the figure, input/output interface module 5 receives 128 bits of plaintext data and feeds them into the reconfigurable array module; the input data are bits 0 to 127, 128 bits in total. [127:96] denotes the 32 bits from bit 96 to bit 127 of the 128-bit data, the following [95:64] denotes the next 32 bits, bits 64 to 95, and so on. As shown in Fig. 5, every 32 bits of data to be encrypted and 32 bits of expanded key select 4 of the 6 reconfigurable processing units in the same column of reconfigurable array module 3 of the embodiment, and after the N rounds of the AES cipher have finished, the generated encrypted data is arranged in the bit order of the original data to be encrypted and output. For the data to be encrypted and for the expanded key, each reconfigurable processing unit uses an 8-bit four-to-one selector, selecting 8 bits from the incoming 32-bit plaintext data and 8 bits from the expanded key respectively. In reconfigurable array module 3, the reconfigurable processing units of each column are connected to 48-bit six-input selectors; each six-input selector outputs 8 bits of encrypted data, and the generated encrypted data is restored to the bit order of the original data to be encrypted and output as 32 bits of data.
For reconfigurable array module 3 to provide the reconfigurable function of the AES cipher, the basic operations must be in place before reconfiguration and fault tolerance are addressed. The implementation of each operation is introduced in turn below.
1) Byte substitution (SBOX): the invention implements it with BRAM, because in the reconfigurable array module an error in byte substitution is treated as a whole, and using BRAM also allows errors to be injected manually in order to test the detection function. BRAM has a short path delay and can reach a very high transfer rate. BRAM is short for Block RAM, an embedded block RAM that can be configured as common storage structures such as single-port RAM, dual-port RAM and content-addressable memory. The hardware and method by which the invention implements byte substitution and XOR are the same as in existing AES hardware.
2) Row shift (SHIFT ROW): the AES cipher needs 4 kinds of row shift: no shift, left by 1, left by 2 and left by 3. Because each row of reconfigurable processing units forms a loop, shifting left by 3 has the same effect as shifting right by 1. The remaining question is how to shift left by 2, which requires 2 loops. The unshifted row does not in fact need a loop; the selection can be made inside the reconfigurable processing unit by its multiplexer (MUX). In addition, the state input data (plaintext data) of a column can be assigned by input/output interface module 5 to any of the 6 reconfigurable processing units of that column and restored on output. The 8 reconfigurable units needed in total for the unshifted row and the row shifted left by 2 are therefore interleaved: the MUX inside the reconfigurable processing unit handles the no-shift selection, while the left and right MUXes let data pass between the two interconnection switches on either side, so that the 4 reconfigurable processing units of the row shifted left by 2 are interleaved and split into 2 pairs, one in each of 2 loops. The concrete allocation is shown in the first and second rows of Fig. 6b. Fig. 6a shows that the first row (S0,0, S0,1, S0,2, S0,3) needs no shift, while the second row (S1,0, S1,1, S1,2, S1,3) and the fourth row (S3,0, S3,1, S3,2, S3,3) need to shift left by 1 and left by 3 respectively (a left shift by 3 being a right shift by 1), and each needs only one loop. The third row (S2,0, S2,1, S2,2, S2,3) must shift left by 2 and needs two loops. In Fig. 6b, the loops of the first and second rows implement the left shift by 2, the loop of the third row implements the left shift by 1, and the loop of the fourth row implements the left shift by 3. In the first and second rows of Fig. 6b, S2,0 and S2,2 form one pair in one loop, and S2,1 and S2,3 form one pair in another loop. When shifting, the second selector MUX2 of the reconfigurable processing unit lying between S2,0 and S2,2 selects the data from the right switch input port for output, which moves S2,2 to the position of S2,0 and S2,0 to the position of S2,2; likewise, the fourth selector MUX4 of the reconfigurable processing unit lying between S2,1 and S2,3 selects the data from the left switch input port for output, which implements the shift.
3) Column mix: the column-mix operation is placed inside the reconfigurable processing unit. Among the 6 reconfigurable processing units of a column, it has to select the column-mix output signals of the 4 units configured into the current 4x4 working array and perform the column mix on them. Although the column mix performs logic operations on 32 input bits, the operations are fairly simple and easy to design. The multiplications used in encryption are composed of ×2, ×3, ×1 and ×0; ×3 is implemented by XORing ×2 and ×1, which reduces resource usage. Of the 6 reconfigurable processing units, 4 are selected for the column mix: the 6 inputs are multiplied by different coefficients according to position, the inputs of the 2 reconfigurable processing units that are not needed are computed with ×0, and finally everything is XORed to give the 8-bit column-mix result. As shown in Fig. 7, S0, S1, S2, S3, S4 and S5 denote the inputs from the 6 reconfigurable units. Of the four coefficients, ×1 is a direct wire; ×2 follows the multiplication rule and can be implemented with wire shifting and 3 XOR gates; ×3 XORs the ×2 result with the ×1 wire; ×0 is an AND with 0. In Fig. 8, the symbol shown in the original (image not reproduced) denotes ×3.
4) XOR: the XOR part is very simple. The 8-bit data is XORed, giving the XOR of the current data and the expanded key.
5) Pipeline design: pipelining shortens the critical-path delay and so raises the operating frequency of the self-recovering fault-tolerant AES structure, giving higher performance and throughput. The invention uses the iterative (loop) structure of AES, in which the K rounds of the AES encryption process are executed in a loop, so with a pipelined structure the number of data groups encrypted at the same time must equal the number of pipeline stages. The invention uses a 2-stage pipeline. In FPGA simulation the interconnection switches show a certain delay, and adding registers inside the interconnection switches would consume a great deal of resources and make the control part far more complex. The design work showed that, to achieve reconfiguration, data in the reconfigurable array module passes through at most 4 interconnection switches and 1 pass-through unit; the delay of this path becomes the longest path delay, and adding a register in this segment, so that its delay is close to that of the other parts, lets the structure reach its maximum operating frequency. A register is placed before the MUXes inside the reconfigurable processing unit, and one stage of register is placed before the internal column mix; although this register increases resource consumption, no other position divides the path as effectively. Two stages of registers are placed at the final output: the first is used, when 2 groups of data are being encrypted, to avoid a conflict between the last-round XOR of one group and the second-to-last-round XOR of the preceding group; the second stabilizes the output data. As shown in Fig. 4, specifically, one register is placed before the column-mix unit, one between the byte substitution unit and the second, third and fourth selectors, one between the third selector and the second XOR unit, and one at the output of the second XOR unit.
6) Reconfiguration strategy and example: the input/output interface module 5 can select 4 units in each column of this 4x6 array and reconfigure them into a 4x4 array that carries out the AES algorithm. So that the interconnection switches can be set up without conflicts, a feasible wiring pattern and routing algorithm must be determined. The 4x6 units are numbered so that they are easy to refer to later, as shown in Fig. 8a. Suppose the damage in the array is as shown in Fig. 8b, where the units marked with diagonal hatching are damaged. Only one unit is damaged in the 4th row, so in order to form a 4x4 array the system should automatically leave one unit idle, for example by not using the 5th reconfigurable processing unit, which is marked with horizontal lines in the figure. Between two rows there is 1 row of interconnection switches serving as the routing path; it can connect data lines across different rows, so that different rows can be chosen to form the 4 loops of the row transformation (ShiftRows).
The data path was then simulated. The routing scheme was fixed before the pipeline of the reconfigurable processing unit was optimized, so the simulation used the scheme without a pipeline, which encrypts only one group of data at a time. Using the data in the official AES algorithm manual, the expanded key of every round and the encryption result of every round can be checked for correctness; the comparison shows that the encryption function of the 4x4 array after reconfiguration is correct.
The AES encryption method provided by the invention is shown in Fig. 3b; its implementation steps are as follows.
Step 1: in the first round of the AES computation, the reconfigurable processing unit selects the plaintext data (state input signal). In the first round of encryption, the first selector MUX1 of each reconfigurable processing unit selects the state input signal State_in and feeds it to the first XOR unit XOR1.
Step 2: perform the round operations; each round carries out, in order, XOR, byte transformation (SubBytes), row transformation (ShiftRows) and column mixing (MixColumns).
Step 2.1: in the first XOR unit, the reconfigurable processing unit XORs the input expanded key with the data selected by the first selector. In the first round, the data selected by the first selector are the state input signal from step 1; from the second round onward, the first selector selects the data output by the column-mixing unit.
Step 2.2: the XORed data are fed to the byte-transformation unit, which takes 1 byte of input and outputs 1 byte, completing the substitution.
Step 2.3: row transformation. Three selectors (MUX2, MUX3 and MUX4) respectively pass the data on with a left shift, no shift or a right shift to the left and right outputs of the reconfigurable unit (LEFT_OUT, RIGHT_OUT), and the left and right interconnection switches carry them to the target reconfigurable processing unit. A selector (MUX3) then selects the data from the left, from the right or from this unit as the data for the next step. The byte-transformed data are output through the second selector MUX2 to realize a left shift, through the third selector MUX3 to realize no shift, and through the fourth selector MUX4 to realize a right shift.
Step 2.4: determine whether the current round is the last round. If so, go to step 3; if not, feed the row-transformed data to the column-mixing units of the reconfigurable processing units in the same column for the column-mixing operation. Column mixing sends the data through the column-mixing data output port MIX_OUT to the column-mixing input ports MIX_IN of the 6 reconfigurable processing units in the same column. Under control, the column-mixing unit selects the 4 designated reconfigurable-processing-unit inputs among them for the operation, and its output enters the next round through the selector (MUX1).
Step 3: in the last round the data are not processed by the column-mixing unit; instead, the row-transformed data are fed to the second XOR unit XOR2 and XORed, giving the encrypted data, which are output after being restored to their original order.
Simulation of the encryption example, checked against Appendix B of the official AES manual:
Input data (Input): 32 43 f6 a8 88 5a 30 8d 31 31 98 a2 e0 37 07 34
Key (Cipher Key): 2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c
Result matrix:
39 02 dc 19
25 dc 11 6a
84 09 85 0b
1d fb 97 32
Simulation of the example vectors, checked against Appendix C:
C.1 AES-128 (Nk=4, Nr=10) Example Vectors
Plaintext before encryption (PLAINTEXT): 00112233445566778899aabbccddeeff
Key for the per-round key expansion (KEY): 000102030405060708090a0b0c0d0e0f
Output after 10 rounds of encryption (Round[10].output): 69c4e0d86a7b0430d8cdb78070b4c55a
Nk is the number of words in the key; Nr is the number of encryption rounds.
The test results are correct. This shows that the reconfiguration routing of the self-recovery fault-tolerant AES structure of the present invention works normally and that the AES encryption method of the present invention is correct.
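The round sequence of steps 1 to 3 and the per-column unit selection of item 6), as an added Python example that is not part of the patent. It assumes an array of 6 rows by 4 columns with 4 units used per column; the fault model (a damaged unit flips one output bit), the rule of taking the first four healthy units, and all function names are illustrative assumptions.

```python
# Added example (not from the patent): AES-128 in the page's round order,
# run on a modelled 6-row x 4-column unit array with damaged units.

def gmul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
        b >>= 1
    return r

def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def sbox_entry(x):
    """Byte transformation: GF(2^8) inverse followed by the affine map."""
    inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
    return inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63

SBOX = [sbox_entry(x) for x in range(256)]

def expand_key(key):
    """AES-128 key schedule: 11 round keys of 16 bytes each."""
    w, rcon = [list(key[4 * i:4 * i + 4]) for i in range(4)], 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord, then SubWord
            t[0] ^= rcon
            rcon = gmul(rcon, 2)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def reconfigure(faulty, rows=6, cols=4):
    """For each column pick 4 healthy physical rows; spares stay idle."""
    mapping = []
    for c in range(cols):
        healthy = [p for p in range(rows) if (p, c) not in faulty]
        if len(healthy) < 4:
            raise RuntimeError("column %d has fewer than 4 healthy units" % c)
        mapping.append(healthy[:4])
    return mapping

def encrypt(block, key, mapping, faulty=frozenset()):
    """State byte (row r, column c) is s[4*c + r], handled by physical unit
    (mapping[c][r], c). Assumed fault model: a damaged unit flips the low
    bit of its byte-transformation output."""
    rk, s = expand_key(key), list(block)
    for rnd in range(10):
        s = [b ^ k for b, k in zip(s, rk[rnd])]                    # XOR1
        s = [SBOX[b] ^ int((mapping[i // 4][i % 4], i // 4) in faulty)
             for i, b in enumerate(s)]                             # byte transformation
        s = [s[4 * ((c + r) % 4) + r]
             for c in range(4) for r in range(4)]                  # row transformation
        if rnd < 9:                                                # last round skips mixing
            s = [gmul(s[4 * c + r], 2) ^ gmul(s[4 * c + (r + 1) % 4], 3)
                 ^ s[4 * c + (r + 2) % 4] ^ s[4 * c + (r + 3) % 4]
                 for c in range(4) for r in range(4)]              # column mixing
    return bytes(b ^ k for b, k in zip(s, rk[10]))                 # XOR2

PT = bytes.fromhex("00112233445566778899aabbccddeeff")    # Appendix C.1 plaintext
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # Appendix C.1 key
FAULTY = {(1, 3)}   # constructed damage: physical row 1 of column 3

def demo():
    """Ciphertext with the damaged unit in use, then after reconfiguration."""
    fixed_rows = [[0, 1, 2, 3]] * 4
    return (encrypt(PT, KEY, fixed_rows, FAULTY).hex(),
            encrypt(PT, KEY, reconfigure(FAULTY), FAULTY).hex())

if __name__ == "__main__":
    print(demo())
```

With the damaged unit left in the data path the ciphertext no longer matches the published vector; after reconfiguration it does, which is the known-answer comparison the description relies on.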

Claims (8)

1. A self-recovery fault-tolerant AES structure based on dynamic reconfiguration, comprising the following modules: a clock module, a control module, a reconfigurable array module, a key expansion module and an input/output interface module; the clock module receives an externally input clock and outputs the clock signal that the AES structure needs in order to operate to the control module, driving the circuit; characterized in that: the input/output interface module feeds the data to be encrypted into the reconfigurable array module and feeds the data serving as the key into the key expansion module; the key expansion module performs key expansion on the received data and transmits the generated data to the reconfigurable array module; the control module generates self-test data, receives error-judgment signals, carries out the control flow of the AES encryption operation, sends control signals for the operation of the reconfigurable array module, the key expansion module and the input/output interface module, and receives the operating feedback signals of the reconfigurable array module, the key expansion module and the input/output interface module; the reconfigurable array module performs the AES encryption operation on the data passed in from the input/output interface module in combination with the key supplied by the key expansion module, and the generated ciphertext data are output through the input/output interface module; the reconfigurable array module comprises reconfigurable processing units in M rows × N columns and interconnection switches in M rows × N columns, the M rows × N columns of interconnection switches form a 2D-TORUS network structure, the reconfigurable processing units of every row are connected to the adjacent interconnection switches, and the reconfigurable processing units of adjacent lines are directly connected through the interconnection switches; M is an integer greater than 4, and N is an integer greater than or equal to 4.
2. The self-recovery fault-tolerant AES structure according to claim 1, characterized in that the clock module multiplies the frequency of the clock input produced by an external 50 MHz crystal oscillator to obtain the clock signal that the AES structure needs in order to operate.
3. The self-recovery fault-tolerant AES structure according to claim 1, characterized in that the reconfigurable array module uses a structure of 6 rows × 4 columns of reconfigurable processing units.
4. The self-recovery fault-tolerant AES structure according to claim 1, characterized in that the reconfigurable processing unit comprises five input ports, four output ports, one column-mixing (MixColumns) unit, four selectors, two XOR units and one byte-transformation (SubBytes) unit;
The first input port is the plaintext data input port, which feeds the plaintext data into the first selector; the second input port is the key input port, which feeds the key into the two XOR units; the third input port is the left-switch input port, connected to the interconnection switch adjacent to the left side of the reconfigurable processing unit, and the data entering the third input port are fed to the third selector and the fourth selector; the fourth input port is the right-switch input port, connected to the interconnection switch adjacent to the right side of the reconfigurable processing unit, and the data entering the fourth input port are fed to the second selector and the third selector; the fifth input port is the column-mixing input port, connected to the column-mixing output ports of the M reconfigurable processing units in the same column, and the data entering the fifth input port are fed to the column-mixing unit;
The column-mixing unit feeds the data after the column-mixing operation into the first selector; the output of the first selector is connected to the first XOR unit; the first XOR unit XORs the input key data with the data from the first selector and outputs the result to the byte-transformation unit; the data processed by the byte-transformation unit are fed to the second selector, the third selector and the fourth selector; the output of the second selector is connected to the second output port, which is the left-switch output port and is connected to the interconnection switch adjacent to the left side of the reconfigurable processing unit; the output of the third selector is connected to the fourth output port and the second XOR unit; the fourth output port is the column-mixing output port; the second XOR unit XORs the data output by the third selector with the key data from the second input port and outputs the encrypted data to the first output port; the output of the fourth selector is connected to the third output port, which is the right-switch output port and is connected to the interconnection switch adjacent to the right side of the reconfigurable processing unit.
5. The self-recovery fault-tolerant AES structure according to claim 4, characterized in that the reconfigurable processing unit further comprises registers: a register is placed before the column-mixing unit, a register is placed on the connection between the byte-transformation unit and the second, third and fourth selectors, a register is placed between the third selector and the second XOR unit, and a register is placed at the output of the second XOR unit.
6. The self-recovery fault-tolerant AES structure according to claim 1 or 4, characterized in that the input/output interface module receives 128 bits of plaintext data and feeds them into the reconfigurable array module; in the reconfigurable array module, each reconfigurable processing unit uses 8-bit four-to-one selectors to select 8 bits each from the 32-bit plaintext data and the expanded key that are input; the reconfigurable processing units of every row are connected to a 48-bit six-input selector; each six-input selector outputs the 8 bits of encrypted data; and the generated encrypted data are output arranged in the bit order of the original data to be encrypted.
7. An AES encryption method based on the self-recovery fault-tolerant AES structure according to any one of claims 4 to 5, characterized by comprising the following steps:
Step 1: in the first round of the computation, the first selector of each reconfigurable processing unit selects the plaintext data and feeds them to the first XOR unit;
Step 2: perform the round operations; each round carries out, in order, XOR, byte transformation (SubBytes), row transformation (ShiftRows) and column mixing (MixColumns); specifically:
Step 2.1: in the first XOR unit, the reconfigurable processing unit XORs the input expanded key with the data selected by the first selector; from the second round onward, the first selector selects the data output by the column-mixing unit;
Step 2.2: the XORed data are fed to the byte-transformation unit for the byte transformation;
Step 2.3: carry out the row transformation; the byte-transformed data are output through the second selector to realize a left shift, through the third selector to realize no shift, and through the fourth selector to realize a right shift;
Step 2.4: determine whether the current round is the last round; if so, go to step 3; if not, feed the row-transformed data to the column-mixing units of the reconfigurable processing units in the same column, carry out the column-mixing operation, and then return to step 2.1;
Step 3: the row-transformed data are fed to the second XOR unit and XORed with the input expanded key, giving the encrypted data, which are output after being restored to their original order.
8. The AES encryption method according to claim 7, characterized in that, in the row transformation of step 2.3, a left shift by 2 positions is realized as follows: let the input data be (S2,0, S2,1, S2,2, S2,3); S2,0 and S2,2 form one pair and are fed respectively to the first and third reconfigurable processing units of one row of reconfigurable processing units; S2,1 and S2,3 form one pair and are fed respectively to the second and fourth reconfigurable processing units of another row of reconfigurable processing units; when shifting, the second selector of the reconfigurable processing unit lying between S2,0 and S2,2 selects for output the data from the right-switch input port, and the fourth selector of the reconfigurable processing unit lying between S2,1 and S2,3 selects for output the data from the left-switch input port.
CN201310163791.5A 2013-05-07 2013-05-07 Self-recovery fault-tolerant AES device based on dynamic reconfiguration, and encryption method thereof Expired - Fee Related CN103297223B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310163791.5A CN103297223B (en) 2013-05-07 2013-05-07 Self-recovery fault-tolerant AES device based on dynamic reconfiguration, and encryption method thereof

Publications (2)

Publication Number Publication Date
CN103297223A true CN103297223A (en) 2013-09-11
CN103297223B CN103297223B (en) 2017-06-06

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170606

Termination date: 20180507